Are You Protected From This Common Program Which is The Internets Biggest Vulnerability?
Going on the internet, exposes your computer to vulnerabilities. These vulnerabilities range from phishing scams, to credit card theft to authentication issues.
While most of these issues can be handled by basic computer safety procautions such as using a VPN service like securevpn.com and updating your passwords, there are some vulnerabilities which require increased vigilance.
One of the most troubling and most common types of vulnerabilities are to what’s known as Exploit kits.
What is an Exploit Kit?
Exploit kits are a crimeware as a service (CAAS) meaning that like apps or Internet downloads, criminals pay per install of their malware in an unsuspecting victims computer. These exploit kits allow scammers to create and distribute malicious URLs through various forms from email hacking to third party advertising sometimes known as Malvertising.
While a VPN like securevpn.com can protect some of your information such as your IP address and location, these exploit kits circumnavigate that level of protection.
How It Works
Once an exploit kit has been loaded into a URL, the victim loads the URL unknowingly either by visiting a compromised website, clicking on a malvertisment or following a link to the landing page.
A Drive By Download occurs when you visit or stop by a page allowing malicious software to be unintentionally downloaded onto your system without you having to authorize it, or click on it in any way!
Scary stuff, which you won’t even know has happened until it’s too late.
The Everyday Program That Lets This Happen
Earlier this year Recorded Future an internet technology company specializing in real time threat intelligence analyzed thousands of web sources including .onion (the server the so called “dark web” is run on which was made famous by the illicit drug trading site The Silk Road), criminal forums and social media, focusing on exploit kits and vulnerability discussions from January-September.
The results of their analysis showed overwhelmingly that Adobe Flash was the most vulnerable program on the Internet with 8 of the top 10 vulnerabilities coming from the Flash program alone!
The other two vulnerabilities came from Microsoft’s Internet explorer and Silverlight.
What This Means For Your Internet Security
Due to it’s overwhelming popularity, Adobe Flash is used all over the internet, but it is clear from Recorded Future’s report that it is not a part of safe internet browsing even if you are taking all other precautions including the use of a VPN.
Because the exploit kits can be downloaded in the background of your browser, even a VPN is not enough to keep these attacks out of your system. The only way to avoid them is to avoid flash sites and all non trustworthy URLs.
While several vulnerabilities have been patched, including the top vulnerability CVE 2015-0313 – affecting Flash Player 220.127.116.116, there are still hundreds of vulnerabilities in flash being recorded as recently as a few weeks ago.
In fact Flash versions older than 18.104.22.168 or 22.214.171.124 are restricted from running on Apple’s OS X system.
What Should You Do?
The safest solution is to disable flash altogether.
While this will lead to a more difficult experience browsing the web, you will be closing off the major path of entry for these exploit kits and ensuring that you are not victim to a myriad of schemes that can happen without you even knowing about them until it’s too late.
If discontinuing your use of Flash is not an option due to work or simply enjoying the benefits the program provides, then it is highly recommend that you install EVERY update to Flash available and check for updates on a weekly basis to maintain the most up to date patching of recurring issues and newly discovered issues.
If that proves too difficult the easiest way to have the most basic of protection against these vulnerabilities is to enable click to play in your web browser which will act as an effective stop gap between your system and the Adobe Flash program.
Now more than ever internet security is a huge concern, it’s not enough to have complicated passwords, use a VPN, and avoid clicking on random URLs posted on social media. If you want to stay safe, you must keep an eye on the vulnerabilities your system is exposed to and do your best to stay up to date on the updates and solutions to those vulnerabilities.
Why Opera's 'Built In VPN' Service Won't Keep Your Information Safe
Web browser Opera is offering the latest version of it’s browser with the added feature of “built in” VPN protection. This should be great news as one of the most popular “underground” browsers is hopping aboard the VPN train...
How To Navigate Changes In Internet Payments
Many businesses and consumers could find themselves locked out of secure payment websites if they don’t make changes to their Internet security in the next 2 weeks!